package org.example.springsecurity_.config;

import jakarta.security.auth.message.config.AuthConfig;
import org.example.springsecurity_.filter.JwtFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Configuration
public class SecurityConfig {
    @Autowired
    JwtFilter jwtFilter;

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
//        http.csrf().disable().authorizeHttpRequests(auth ->auth
//                .requestMatchers("/userLogin.html").permitAll()//允许所有人访问登录页
//                .requestMatchers("/hello").permitAll()//放行hello接口
//                .requestMatchers("/login").permitAll()//放行login接口
//                .requestMatchers("/").permitAll()
//                .requestMatchers("/login1").permitAll()//放行login1接口
//                .anyRequest().authenticated()//其他请求需要认证
//        )
//                .formLogin(login ->login
//                .loginPage("/userLogin.html")//指定自定义的登录页
//                .loginProcessingUrl("/login")//指定SpringSecurity处理登录请求的url
//                .permitAll()
//        );

        http.csrf(csrf -> csrf.disable())
                .authorizeHttpRequests(auth ->auth
                        .requestMatchers("/api/login").permitAll()
                        .requestMatchers("/api/**").authenticated()
                        .requestMatchers("/userinfo/**").authenticated()
                        .requestMatchers("/hello").permitAll()//放行hello接口
                        .anyRequest().permitAll()//其他请求
//                ).formLogin(login ->login
//                        .loginPage("/userLogin.html")
//                        .loginProcessingUrl("/login1")
//                        .permitAll()
                        )
                .sessionManagement(session->session
                        .sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                .addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class)
                .logout(logout -> logout.disable())
                .addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class);

        return http.build();
    }
    // 密码解码器
    @Bean
    public BCryptPasswordEncoder bCryptPasswordEncoder(){
        return new BCryptPasswordEncoder();
    }
//    @Bean
//    public PasswordEncoder passwordEncoder() {
//        return new BCryptPasswordEncoder(); // 使用 BCrypt 加密
//    }

    @Bean
    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration)throws Exception{
        return authenticationConfiguration.getAuthenticationManager();
    }

//    root编译后:$2a$10$SYGZtD9tR7ykZQEXc5yrW.ybERTqHPlTcN4CDseP0MT9S.bo4XNUe
}
